async def refresh(user: User = Depends(get_active_user_from_cookie),
Authorize: AuthJWT = Depends()):
try:
# set the user group
if user.account_type == 'admin':
user_claims = {'admin': True}
admin_logger.info(f"Admin refresh token: {user.email}")
elif user.account_type == 'filer':
user_claims = {'filer': True}
user_logger.info(f"User refresh token: {user.email}")
elif user.account_type == 'public':
user_claims = {'public': True}
user_logger.info(f"Public refresh token: {user.email}")
access_token = Authorize.create_access_token(subject=user.email,
user_claims=user_claims)
refresh_token = Authorize.create_refresh_token(subject=user.email,
user_claims=user_claims)
Authorize.set_refresh_cookies(refresh_token)
return {"success": True, "access_token": access_token}
except Exception as e:
logger.exception(traceback.format_exc())
handle_exc(e)
def all_token_response(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
response = JSONResponse(content={"msg": "all token"})
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def get_cookie(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject='test',fresh=True)
refresh_token = Authorize.create_refresh_token(subject='test')
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg":"Successfully login"}
def login(
user: schemas.UserCreate,
db: Session = Depends(get_db),
Authorize: AuthJWT = Depends(),
):
crud.prune_blacklist(db)
_user = (db.query(models.User).filter(
models.User.username == user.username.casefold()).first())
if _user is not None and crud.verify_password(user.password,
_user.hashed_password):
# Create Tokens
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Assign cookies
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {
"login": "******",
"username": _user.username,
"access_token": access_token,
}
else:
raise HTTPException(status_code=400,
detail="Invalid Username or Password.")
def get_token(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"access": access_token, "refresh": refresh_token}
async def get_login_response(
request: Request,
response: Response,
auth_jwt: AuthJWT,
parameters: AuthParams,
access_token: str,
refresh_token: str,
) -> Any:
if parameters.cookie:
if access_token:
auth_jwt.set_access_cookies(access_token, response)
if refresh_token:
auth_jwt.set_refresh_cookies(refresh_token, response)
if parameters.response_type == "json":
return schemas.StandardResponse(
schemas.AuthTokens(
access_token=access_token,
refresh_token=refresh_token,
token_type="bearer",
))
if parameters.response_type == "redirect":
redirect_url = parameters.redirect_url or str(get_base_url(request))
if set_redirect_response(response, redirect_url):
return None
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
def create_token_for_user(Authorize: AuthJWT, user_id: str) -> Dict:
response = RedirectResponse(
f'{Config["routes"]["client"]}/login_callback?user_id={user_id}')
access_token = Authorize.create_access_token(subject=user_id)
refresh_token = Authorize.create_refresh_token(subject=user_id)
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def create_access_and_refresh_tokens(user_id: str, Authorize: AuthJWT):
try:
access_token = Authorize.create_access_token(subject=user_id)
Authorize.set_access_cookies(access_token)
refresh_token = Authorize.create_refresh_token(subject=user_id)
Authorize.set_refresh_cookies(refresh_token)
except:
raise HTTPException(
status_code=500,
detail=f"Error while trying to create and refresh tokens")
def login(user: User, Authorize: AuthJWT = Depends()):
msg = password_check(user.password)
if len(msg) >= 1:
raise HTTPException(status_code=401,detail=msg)
# subject identifier for who this token is for example id or username from database
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg":"Successfully login"}
def login(user: User, Authorize: AuthJWT = Depends()):
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
# Create the tokens and passing to set_access_cookies or set_refresh_cookies
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
def user_login(credentials: Credentials,
Authorize: AuthJWT = Depends(),
db: Database = Depends(mysql_connection)):
Authorize.jwt_optional()
print(credentials)
if not db.is_user_registred(credentials.email, credentials.password):
raise HTTPException(status_code=401, detail="Bad credentials")
access_token = Authorize.create_access_token(subject=credentials.email)
refresh_token = Authorize.create_refresh_token(subject=credentials.email)
response = JSONResponse(
{"user_id": db.find_user_by_email(credentials.email)[0]})
Authorize.set_access_cookies(access_token, response)
Authorize.set_refresh_cookies(refresh_token, response)
return response
def login(user: User, Authorize: AuthJWT = Depends()):
"""
With authjwt_cookie_csrf_protect set to True, set_access_cookies() and
set_refresh_cookies() will now also set the non-httponly CSRF cookies
"""
if user.username != "test" or user.password != "test":
raise HTTPException(status_code=401, detail="Bad username or password")
# Create the tokens and passing to set_access_cookies or set_refresh_cookies
access_token = Authorize.create_access_token(subject=user.username)
refresh_token = Authorize.create_refresh_token(subject=user.username)
# Set the JWT and CSRF double submit cookies in the response
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
async def login(request: Request, user: Login, Authorize: AuthJWT = Depends()):
# """
# create access and refresh token and save it as
# httponly cookie
# """
# query = USER.select().where(USER.c.email == user.email)
# data = await database.fetch_one(query)
data = await UserSchema.get(user.email)
if data == None or user.email != data['email'] or user.password != data[
'password']:
raise HTTPException(status_code=401, detail="Bad username or password")
token = Authorize.create_access_token(subject=user.email)
refresh_token = Authorize.create_refresh_token(subject=user.email)
Authorize.set_access_cookies(token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "Successfully login"}
def login(
email: str = Body(...),
password: str = Body(...),
Authorize: AuthJWT = Depends(),
db: Session = Depends(get_db),
):
dbuser = userCRUD.authenticate(db, email=email, password=password)
if not dbuser:
raise HTTPException(status_code=401, detail="Failed to Authenticate")
refresh_token = Authorize.create_refresh_token(subject=dbuser.id)
access_token = Authorize.create_access_token(subject=dbuser.id,
user_claims={
"username":
dbuser.username,
"email": dbuser.email,
})
Authorize.set_refresh_cookies(refresh_token)
return {"access_token": access_token}
async def saml_idp_initiated(request: Request,
response: Response,
Authorize: AuthJWT = Depends(),
db_session: Session = Depends(get_db)):
try:
res = dict(await request.form())
saml_c = await saml_client(kind='admin')
authn_response = saml_c.parse_authn_request_response(
res['SAMLResponse'], entity.BINDING_HTTP_POST)
authn_response.get_identity()
user_info = authn_response.get_subject()
username = user_info.text
admin_logger.info(f"Admin SAML login attempt: {username}")
user = saml_verify_admin_user(db_session, username)
if user is None or not user:
raise Exception("User unknown or not a City user.")
access_token = Authorize.create_access_token(
subject=user.email, user_claims={'admin': True})
refresh_token = Authorize.create_refresh_token(
subject=user.email, user_claims={'admin': True})
Authorize.set_refresh_cookies(refresh_token)
response.status_code = 303
response.headers[
"location"] = APP_HOST + FRONTEND_ROUTES['admin_auth_saml_success']
admin_logger.info(f"Admin SAML login succeeded: {username}")
return response
except Exception as e:
logger.exception(traceback.format_exc())
return RedirectResponse(
url=APP_HOST + FRONTEND_ROUTES['admin_auth_saml_fail'],
status_code=303,
)
async def filer_login(request: Request,
form: Login,
Authorize: AuthJWT = Depends(),
db_session: Session = Depends(get_db)):
try:
user_logger.info(f"Login attempt: {form.username}")
user = authenticate_filer_user(db_session, form.username,
form.password)
if user is None or not user:
raise CREDENTIALS_EXCEPTION
access_token = Authorize.create_access_token(
subject=user.email, user_claims={'filer': True})
refresh_token = Authorize.create_refresh_token(
subject=user.email, user_claims={'filer': True})
Authorize.set_refresh_cookies(refresh_token)
user_logger.info(f"Login successful: {form.username}")
return {"success": True, "access_token": access_token}
except Exception as e:
user_logger.info(f"Login failed: {form.username}")
logger.exception(traceback.format_exc())
handle_exc(e)
def refresh_token_response(Authorize: AuthJWT = Depends()):
refresh_token = Authorize.create_refresh_token(subject=1)
response = JSONResponse(content={"msg": "refresh token"})
Authorize.set_refresh_cookies(refresh_token, response)
return response
def refresh_token(Authorize: AuthJWT = Depends()):
refresh_token = Authorize.create_refresh_token(subject=1)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "refresh token"}
def all_token(Authorize: AuthJWT = Depends()):
access_token = Authorize.create_access_token(subject=1, fresh=True)
refresh_token = Authorize.create_refresh_token(subject=1)
Authorize.set_access_cookies(access_token)
Authorize.set_refresh_cookies(refresh_token)
return {"msg": "all token"}
